cbcvebase.
CVE-2023-33568
published 2023-06-13

CVE-2023-33568: An issue in Dolibarr 16 before 16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects…

Priority P2 · 64 · high · 7.5 CVSS 3.1
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
EXPLOIT
EPSS 14.94% (96.3rd percentile)
An issue in Dolibarr 16 before 16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact file exists.

Affected

2 ranges
Vendor     Product            Version range           Fixed in
dolibarr   dolibarr           >= 16.0.0, < 16.0.5     16.0.5
dolibarr   dolibarr_erp_crm   >= 16.0.0, < 16.0.5     16.0.5

Detection & IOCs (extracted from sources)

url     /public/ticket/ajax/ajax.php?action=getContacts&email=%
other   http.favicon.hash:440258421   (Shodan favicon-hash query for Dolibarr instances)
other   icon_hash=440258421           (FOFA equivalent of the same favicon hash)
  • An HTTP GET to the unauthenticated endpoint /public/ticket/ajax/ajax.php with action=getContacts and a wildcard email parameter (email=%) triggers the database dump. A 200 response whose body contains both '"database_name":' and '"database_user":' confirms exploitation.
  • Affected versions are Dolibarr 16 before 16.0.5. The dump includes public and private notes in addition to customer, prospect, supplier, and employee contact data.
  • Exploitation requires that a contact file exists on the target Dolibarr instance; if no contact file is present, the attack path is not available.
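The checks above translate directly into detection logic. The following is an added example (not code from this page, from Dolibarr, or from any published template): it flags access-log lines that hit the getContacts endpoint with a SQL LIKE wildcard in the email value (both a raw "%" and its URL-encoded "%25"), applies the response matcher described above to a captured body, and tests a version string against the two affected ranges. The log lines, the response body and the combined-format regex are constructed for the example; adjust the regex to your server's log format.

```python
"""Detection helpers for CVE-2023-33568 (Dolibarr 16.0.0 <= v < 16.0.5).

Added example, not Dolibarr project code. Everything runs offline: the
sample log lines and the sample JSON body below are constructed, not real
captures, and the access-log regex assumes the Apache/nginx combined format.
"""
import re
from urllib.parse import parse_qs, urlsplit

# Unauthenticated endpoint named in the advisory IOCs.
ENDPOINT = "/public/ticket/ajax/ajax.php"

# Constructed regex for combined-format access logs (assumption; adapt as needed).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)


def is_affected_version(version: str) -> bool:
    """True when the version falls in 16.0.0 <= v < 16.0.5 (both ranges on the page)."""
    parts = [int(p) for p in re.findall(r"\d+", version)[:3]]
    while len(parts) < 3:
        parts.append(0)
    return (16, 0, 0) <= tuple(parts) < (16, 0, 5)


def is_wildcard_contact_probe(target: str) -> bool:
    """True if the request target is getContacts with a LIKE wildcard in email.

    parse_qs percent-decodes values, so a literal '%' and an encoded '%25'
    both arrive as '%'; a wildcard anywhere in the value (e.g. 'a%') counts.
    """
    parts = urlsplit(target)
    if not parts.path.endswith(ENDPOINT):
        return False
    qs = parse_qs(parts.query, keep_blank_values=True)
    if qs.get("action", [None])[0] != "getContacts":
        return False
    return any("%" in value for value in qs.get("email", []))


def scan_access_log(lines):
    """Return (ip, status, target) for every line that looks like a dump probe."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and m["method"] == "GET" and is_wildcard_contact_probe(m["target"]):
            hits.append((m["ip"], int(m["status"]), m["target"]))
    return hits


def response_indicates_dump(status: int, body: str) -> bool:
    """The matcher from the advisory: HTTP 200 and both JSON keys in the body."""
    return status == 200 and '"database_name":' in body and '"database_user":' in body


# Constructed sample log: two wildcard probes from one source, one exact-email
# lookup, and one unrelated request.
SAMPLE_LOG = [
    '203.0.113.7 - - [13/Jun/2023:10:01:02 +0000] "GET /public/ticket/ajax/ajax.php?action=getContacts&email=% HTTP/1.1" 200 58213',
    '203.0.113.7 - - [13/Jun/2023:10:01:05 +0000] "GET /public/ticket/ajax/ajax.php?action=getContacts&email=%25 HTTP/1.1" 200 58213',
    '198.51.100.4 - - [13/Jun/2023:10:02:00 +0000] "GET /public/ticket/ajax/ajax.php?action=getContacts&email=alice@example.com HTTP/1.1" 200 412',
    '198.51.100.4 - - [13/Jun/2023:10:02:30 +0000] "GET /index.php HTTP/1.1" 200 1024',
]

# Constructed response fragment shaped like the advisory's matcher expects.
SAMPLE_BODY = '[{"database_name":"dolibarr","database_user":"dolibarr","email":"x@example.com"}]'

if __name__ == "__main__":
    for ip, status, target in scan_access_log(SAMPLE_LOG):
        print(f"probe from {ip} -> {status} {target}")
    print("matcher on sample body:", response_indicates_dump(200, SAMPLE_BODY))
    print("16.0.4 affected:", is_affected_version("16.0.4"))
```

Only lines with the wildcard are reported; an exact-email lookup of the same endpoint is a different event and is left for the analyst. A 200 with a large response size on a flagged line is the strongest sign the dump actually succeeded.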

CVSS provenance

nvd   v3.1   7.5 HIGH   CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
osv          7.5 HIGH